Lead Analyst, Cyber Defense

Job Description

Job Title: Lead Analyst, Cyber Defense

Job Location: Bengaluru, Karnataka

Work Arrangement: Hybrid (3 days per week in office)

Shifts: Rotational shifts

About News Corp

News Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises global businesses across various media, including news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-TV distribution in Australia.

The Role:

We are looking for a Lead Cyber Defense analyst responsible for monitoring and working on active alerts on various security tools (SIEM/XSOAR). The individual in this role is expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines.

This position demands someone willing to use a network of sensors, security tools, and monitoring equipment to proactively identify, evaluate, and remediate potential cybersecurity threats. Based on an understanding of “normal” network activity, SOC analysts use tools and processes to detect anomalous activity, providing 24/7/365 detection and response capabilities.

The person can multitask, work independently, and work collaboratively with teams, some of which may be geographically distributed.

Key Responsibilities

Security Operations Centre (SOC) Analysis and Monitoring:

Lead the day-to-day operations of the SOC, overseeing security incident monitoring, and detection, analysis, and response activities.

Develop and maintain SOC playbooks, standard operating procedures (SOPs), and response plans to ensure efficient and effective incident response.

Investigate security incidents and alerts, perform root cause analysis, and provide recommendations to prevent future occurrences.

Incident Response and Threat Intelligence:

Stay up to date with the latest security threats, vulnerabilities, and attack vectors related to various tools and platforms.

Monitor threat intelligence sources and collaborate with external partners to proactively identify and mitigate potential security risks.

Lead incident response efforts during security breaches or cyber incidents, coordinating with internal teams and external stakeholders to contain and resolve incidents in a timely manner.

Conduct post-incident reviews and lessons learned sessions to improve incident response processes and enhance overall security posture.

Security Operations Center: Managing Operations

Manage ticket queues including escalation of outstanding tickets, tickets requiring updates, and escalation of open tickets where necessary

Ensure quality standards are being met by doing ticket audits and reviewing and completing shift turnover logs

Develop and mentor staff by providing opportunity of growth through delegation, training and assignment of various projects.

Manage PTO requests and other schedule issues that impact SOC operations

Point of escalation for operations/security issues

Identify opportunities for continuous improvement in security operations

Actively seek self-improvement through continuous learning and pursuing advancement to a SOC Manager

Required Skills and Qualifications

7+ years of information security experience

Advanced knowledge of Cyber Defense, Security Operations Center (SOC) operations, incident response, and security monitoring practices.

Prioritize and escalate any issues that could put business objectives, results, or processes at risk.

In-depth knowledge and experience with current cyber threats and landscape to enterprise environments

Ability to architect and drive implementation of large-scale cross-company initiatives

Previous experience with the following tools is required: Splunk, EDR Solutions, Atlassian, ServiceNow, GitHub, Okta, and Microsoft Security products

Familiarity with incident response frameworks and methodologies, such as the NIST Incident Response Framework or the SANS Incident Response Process, to guide efficient and effective incident handling.

Strong knowledge of network protocols, network traffic analysis, and network security principles to detect and respond to network-based threats.

Windows, Linux, and UNIX operating systems

Communication skills, both verbal and written

Desired Qualifications:

Experience with incident response in cloud platforms (AWS, GCP, etc)

Incident Response specific or other relevant certifications (ex. CISSP, GCFA, GCIH, GNFA, GREM, CEH, etc.)

Excellent verbal, written, and interpersonal communication skills

Strong analytical skills with high attention to detail and accuracy

Able to handle confidential material in a professional manner

Able to transform complex data into meaningful and prioritised action

This job is posted with NTS Technology Services Pvt. Ltd.

Job Category:

News Corp is a global, diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers throughout the world. The company comprises businesses across a range of media, including: news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-tv distribution in Australia.

Headquartered in New York, the activities of News Corp are conducted primarily in the United States, Australia, and the United Kingdom.